Coworking Part 2: Data & Privacy Risks

In my last blog post, I discussed the emerging importance of coworking spaces in the post-industrial workforce.  In this part two of the series, at the risk of bursting this utopian post-industrial bubble, I set out some of the more pressing employment law issues with coworking spaces:  confidential information, data security, privacy and ownership of content.

(1) Confidential Information 

If you are the founder, then you can determine what risk you want to take with confidential info laying around in your workspace while you zip out to get a coffee or a beer.  But if you are the employer, and one of your remote working employees is regularly working in a coworking space, you’ll likely want a direct say in how information is protected.  Often creativity and innovation are the whole point of the organization, so confidentiality is a live issue. 

Yes, there is a trusting, collaborative spirit to the whole coworking paradigm, but that doesn’t mean some ideas shouldn’t be kept quiet while in the development stage.  Does your free-spirited remote employee fully appreciate the sweat and tears you’ve put into your venture, and why the confidentiality agreement (that you hopefully had her sign) is actually an important document?

(2)  Data Security

Related to confidential information, the security of your company’s information may be comprised if you’re hooking into some generic wi-fi network with no security features.  While the lowly USB stick actually remains your highest security risk through inadvertent loss (on the subway, in the black hole of your giant purse, etc), the regular transfer of data online is open to interference without some extra layers of security for your remote worker to tap into.  

Specific steps to take will depend on the equipment being used, how much is electronic versus sheets of paper laying around, and what encryption features already exist on the equipment.

(3)  Privacy

Whether or not you are on the “privacy is dead” side of the fence, there remains legislation and caselaw in Ontario that protects employee medical information and supports an employee’s expectation of privacy.  Believe what you want personally, but your organization is a custodian of certain information that will be bound by the web of Canadian laws, regardless of the size of your operation.  This means certain security steps should be taken when gathering, using or disclosing information captured by the privacy law regime.

If you, as employer, get dinged with a privacy complaint by an employee or customer, it will be far more useful to point to the steps you previously took to guard the personal information and the general framework of how you respect personal information, than to declare privacy a quaint 20th century notion.

If you are working with someone from the US who says employees do not have any right to privacy on a workplace computer, remind your American colleague that, unlike south of the border, Canadian employees (according to the Supreme Court of Canada) have a right to an expectation of privacy in the workplace.   Consider, instead, emailing your cyberfriends from Europe for any unofficial legal advice on privacy law, since our laws are closer to privacy and data protection across the pond.

(4)  Ownership of Content

Also related to confidential information, and a topic close to most creative, socially connected hearts is whether your employee will own all that content she is drafting while working for you.  This may seem to have little to do with coworking spaces directly, except that the coworking environment may lull employees into a sense of control and ownership over their work in part because they are surrounded by so many entrepreneurs and creatives.  If, however, that employee is hired to produce brilliant content for you and your company, and if that content is being drafted on company time, it is the company’s property. 

It is no longer straightforward, however, to separate out what is company versus employee content or what is work versus personal time.  Who owns the connections or status updates on LinkedIn?  The posts on the company blog that were first written for your employee’s personal blog?  The marketing strategy design that draws upon concepts your employee created before she started with you? 

I’ve written about ownership of social media content several times, and the bottom line remains the same:  articulate upfront in the employment contract what are the company’s expectations.  Whether you have one or 100 employees, the risk is that the employee creating content may overstate how much belongs to him or her, rather than to the company.

Stay tuned for the next post in the series on the employment law implications of coworking spaces related to the human employment law risks, as well as strategies on how to lower the risks and how to manage employees in the coworking space.

Tweet Like Share on LinkedIn Email
Trackbacks (0) Links to blogs that reference this article Trackback URL
http://www.canadaemploymenthumanrightslaw.com/admin/trackback/311155
Comments (0) Read through and enter the discussion with the form at the end
Post A Comment / Question Use this form to add a comment to this entry.







Remember personal info?
Send To A Friend Use this form to send this entry to a friend via email.